.TH SSH-MITM 1 "SSH-MITM 5.0.1" "SSH-MITM Manual"

.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l

.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
SSH-MITM \- ssh audits made simple
.SH SYNOPSIS
.sp
.nf

\fIssh-mitm\fR [\-V|\-\-version] [\-h|\-\-help] [\-d|\-\-debug]
    [\-\-paramiko\-log\-level {warning,info,debug}]
    [\-\-disable\-workarounds]
    <subcommand> [<args>]
.fi
.sp

.SH "DESCRIPTION"
This manual page explains the
.B SSH-MITM
program.
.PP
\fBSSH-MITM\fP is a man in the middle SSH Server for security audits and malware analysis.

Password and publickey authentication are supported and \fBSSH-MITM\fP is able to detect, if a user is able to login with publickey authentication on the remote server.
This allows \fBSSH-MITM\fP to acccept the same key as the destination server. If publickey authentication is not possible, the authentication will fall back to password-authentication.

When publickey authentication is possible, a forwarded agent is needed to login to the remote server. In cases, when no agent was forwarded, \fBSSH-MITM\fP can rediredt the session to a honeypot.

.SH "OPTIONS"

.PP
\fB\-v, \-\-version\fP
.RS 4
Prints the SSH-MITM suite version that the
\fIssh-mitm\fR
program came from\&.
.RE

.PP
\fB\-h, \-\-help\fP
.RS 4
show  help message and exit\&.
.RE

.PP
\fB\-d, \-\-debug\fP
.RS 4
more verbose output of status information
.RE

.PP
\fB\-\-paramiko\-log\-level\fP {warning,info,debug}
.RS 4
set paramikos log level
.RE

.PP
\fB\-\-disable\-workarounds\fP
.RS 4
disable paramiko workarounds
.RE


.SH "SSH-MITM SUBCOMMANDS"

\fBSSH-MITM\fP is devided into several commands. Those commands can be used for client and server audits.

Each command can be called as "\fBssh-mitm <subcommand>\fR [<args>]" or "\fBssh-mitm-<subcommand>\fR [<args>]".

For examplple "ssh-mitm server" or "ssh-mitm-server" starts the man in the middle server.

.SS "SUBCOMMANDS"

.PP
\fBssh-mitm-audit\fR(1)
.RS 4
audit tools for ssh servers\&.
.RE

.PP
\fBssh-mitm-server\fR(1)
.RS 4
start the ssh-mitm server\&.
.RE
